I’m using virtualmin to proxy to a web app Taiga and wondering how to get the letsencrypt SSL forwarded so I can access the page outside the network.
The Taiga Guide is here.
https://docs.taiga.io/setup-production.html#start-and-expose
When trying to use the page I get,
Proxy Error
The proxy server could not handle the request
Reason: Error during SSL Handshake with remote server
The web app is hosted on a njinx server in a LXC container using this code as taiga.conf.
Proxing is passing to the IP of the service, https://192.168.1.5/
server {
listen 80 default_server;
server_name _;
return 301 https://$server_name$request_uri;
}server {
listen 443 default_server;
server_name _; # See Server nameslarge_client_header_buffers 4 32k; client_max_body_size 50M; charset utf-8; access_log /home/taiga/logs/nginx.access.log; error_log /home/taiga/logs/nginx.error.log; # Frontend location / { root /home/taiga/taiga-front-dist/dist/; try_files $uri $uri/ /index.html; } # Backend location /api { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Scheme $scheme; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://127.0.0.1:8001/api; proxy_redirect off; } # Admin access (/admin/) location /admin { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Scheme $scheme; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://127.0.0.1:8001$request_uri; proxy_redirect off; } # Static files location /static { alias /home/taiga/taiga-back/static; } # Media location /_protected { internal; alias /home/taiga/taiga-back/media/; add_header Content-disposition "attachment"; } # Unprotected section location /media/exports { alias /home/taiga/taiga-back/media/exports/; add_header Content-disposition "attachment"; } location /media { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Scheme $scheme; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://127.0.0.1:8003/; proxy_redirect off; } # Events location /events { proxy_pass http://127.0.0.1:8888/events; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_connect_timeout 7d; proxy_send_timeout 7d; proxy_read_timeout 7d; } # TLS # Configure your TLS following the best practices inside your company
}
I beleive I need some extra perameteres to pass through the Lets encrypt over so how would I do this?
I was using a self signed certificate in the nginx taiga.conf to set it up internally with this modified code,
server {
listen 443 SSL default_server;
server_name _; # See Server namesssl_certificate /etc/ssl/certs/localhost.crt; ssl_certificate_key /etc/ssl/private/localhost.key;